tech-kern: Re: PAM

Subject: Re: PAM
To: <>
From: Ignatios Souvatzis <ignatios@theory.cs.uni-bonn.de>
List: tech-kern
Date: 09/25/2002 10:47:39

--gBBFr7Ir9EOA20Yy
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

Hi,

On Wed, Sep 25, 2002 at 10:10:42AM +0200, der Mouse wrote:

> (2) It's also fairly easy to fix; the simplest change that comes to
>     mind is to have the magic syscalls affect the parent of the calling
>     process rather than the calling process itself.  An arguably better
>     way would be to have the calls affect "the process on the other end
>     of this pipe".

Minor comment:

This won't work. There can be zero to N processes at the end of a pipe.

I don't think "affect all processes at the other end of a pipe" is wise...
IMHO this opens us up for interesting future security holes.

Regards,
	Ignatios

--gBBFr7Ir9EOA20Yy
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: 2.6.i

iQEVAgUBPZF4KDCn4om+4LhpAQE7oQgAiYUOlk8pBpSnMiL1ruh5fOxQWvWkw1Hw
F+/AZl0VqCb5d76o14BgbGOkQ7UosF1yyhsV6cT3hF9T1qloO3rX/MGtTPJEsuPo
3PXTC+fRqlHcEpTu3f9SUTBllxiwedJKWrn6vFtpANuyI12tGqHUkBS54j6vQ+MD
CtTzRHL+q0zlMJUmdBlvvZO7g5aq4CleNAm2SOkVt5EYEndEiu9mUaLrLvTRWXNh
gwk0R5I7FgPVmO4qOHUyv1l2GT6650HKDu3HaCDqbUBufVFykvivFuRMCfFlpdVP
h9oBsoMlqWJicFFjeWLKc0+nVMu8HUPhdG2LJ/WdaYXcrd8ZWxWMSA==
=Vrmp
-----END PGP SIGNATURE-----

--gBBFr7Ir9EOA20Yy--